Brazilian hackers threaten Sassa data leak after students uncovered security breach

Hacking group, N4aughtysecGroup, has threatened to release Sassa data, this after the collective hailed two Stellenbosch students as heroes for uncovering serious flaws in the Social Relief of Distress Grant system.

Stellenbosch University students Veer Gosai and Joel Cedras told the MPs that their survey found that there was no authentication on the SRD grant system and that it was too easy to apply for the grant.

Cape Town – A Brazil-based hacking group, N4aughtysecGroup, has threatened to release the South African Social Security Agency’s (Sassa) data, this after the collective hailed two Stellenbosch students as heroes for uncovering serious flaws in the Social Relief of Distress Grant (SRD) system.

Veer Gosai and Joel Cedras, two first-year Stellenbosch University (SU) computer science students, recently appeared before the Portfolio Committee on Social Development to elaborate on how they discovered weaknesses in Sassa’s social grants system and alleged rampant fraud related to the SRD grant application process.

The students found that their ID numbers were used to apply for the SRD grant, which led to a broader investigation into the fraudulent use of student IDs to access the grants meant for the most destitute in the country.

The hacker group, which last year demanded $30m (about R565m) from TransUnion and $30m from Experian, two of the country’s largest consumer credit reporting agencies, has now threatened to release all of Sassa’s data in the next 48 hours if its demands are not met.

In a written statement, sent at 5.15pm on Wednesday, October 30, they state that:

“We have been hard at work rolling out our promises. We have entered the systems of the Credit bureaus we successfully hacked and used the compromised data sets and backend systems to attack the South African Government and RSA organisations.

“We did warn TransUnion that failure to pay our ransom would result in ultimate destruction. We are deeply infiltrated into the governments and bank systems.”

“We are releasing all the data of Sassa in the next 48 hours.”

N4aughtysec, who style themselves as a “small group based in Brazil with cell groups all over the globe”, claim to have taken “millions of dollars” from the Sassa government system to prove what they are capable of.

As proof of their deeds, they have shared a list of 65 Tyme Bank account numbers and allegedly fraudulently-linked ID numbers that they claim to have used to register as recipients of Sassa SRD grants.

Further describing their actions, they claim to have “bypassed all security by using the XDS bureau infiltration on the TymeBank system and the social security ID numbers from the data we extracted from TransUnion and Experian. We use the TransUnion backend into the Sassa government system. We still have access into the systems.”

In response, TransUnion told the Cape Argus that: “The security of the data we hold is our top priority. We continuously monitor our systems and remain vigilant against any potential threats. We have found no recent evidence of inappropriate access to our systems and confirm that there is no system interface between TransUnion South Africa and Sassa.”

TymeBank CEO Karl Westvig said: “After reviewing the information that was brought to our attention and cross-referencing this against our own records, there are clear discrepancies between the data provided and the customer data we have on record.

“We can therefore confirm TymeBank has not been hacked and that the data has not been taken from our systems. Our initial investigations indicate that the data is likely to have been obtained from another party that our customers may have engaged with separately.”

Westvig added that “we have implemented numerous rules to identify fraudulent accounts and have multiple preventative measures to detect fraud and prevent potential syndicates from accessing these accounts. TymeBank takes the security of our data extremely seriously and we have world-class processes and controls to mitigate the risks of data loss. We work closely with all industry bodies and government departments to mitigate fraud where possible.”

Cape Argus